This post creates an NSX Edge Cluster in the Management Workload Domain of VMware Cloud Foundation (VCF) 5.2 using PowerVCF.
This post covers the following.
Preparation
The Management Domain has been deployed with the name "vcf-m01".
PowerVCF has been installed as described below.
Obtain a token from SDDC Manager.
PS> Request-VCFToken -fqdn vcf-m01-sddc-01.c.go-lab.jp -username administrator@vsphere.local -password "VMware1!VMware1!"
Successfully Requested New API Token From SDDC Manager: vcf-m01-sddc-01.c.go-lab.jp
The JSON file for the NSX Edge Cluster needs the ID of the vSphere cluster, so check it with Get-VCFCluster.
This is the cluster of the Management Domain.
PS> Get-VCFCluster

id                       : 7259aead-a34a-4ba4-bd80-dc0cdff385c7
domain                   : @{id=7cf1ffbe-c741-433a-8b13-7f781f184940}
name                     : vcf-m01-cl01
status                   : ACTIVE
primaryDatastoreName     : vcf-m01-cl01-ds-vsan01
primaryDatastoreType     : VSAN
hosts                    : {@{id=298e42a7-1ee8-40ac-ba4d-4b76b1925a7d}, @{id=0fac3548-0d37-4b2f-8104-5c57189337d3}, @{id=fd63c18f-6282-4f3a-b384-d764dd9c488d}, @{id=829c380b-ee96-46fa-bd7e-e7c7c5b34fdf}}
isStretched              : False
isDefault                : True
failuresToTolerate       : 1
isImageBased             : True
capacity                 : @{cpu=; memory=; storage=}
vcenter                  : @{id=4451c29a-987e-4dd6-a10f-e86193ff82a6; fqdn=vcf-m01-vc-01.c.go-lab.jp; vcInstanceId=c68adf0b-4a86-422a-9cba-878d3b2d4af1}
managedObjectReferenceId : domain-c9
vsanClusterMode          : NONE
The cluster ID is as follows.
PS> Get-VCFCluster -name vcf-m01-cl01 | select id

id
--
7259aead-a34a-4ba4-bd80-dc0cdff385c7
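Creating the JSON file
This NSX Edge Cluster is created with the same parameters as in the post below.
vcf-m01_edge-cluster.json
- L17, L38: Specify the ID of the vSphere cluster.
Checking the JSON file
Run New-VCFEdgeCluster with the "-validate" option to check that the JSON content is correct. Store the result in the $check variable.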
PS> $check = New-VCFEdgeCluster -json (Get-Content -Raw C:\work\json\vcf-m01_edge-cluster.json) -validate
If it shows "resultStatus: SUCCEEDED", the JSON check has passed.
PS> $check
Task validation completed successfully.

id               : 2fcfdf44-8161-4131-b33e-3c2c4325f498
description      : Validating NSX Edge cluster creation spec
executionStatus  : COMPLETED
resultStatus     : SUCCEEDED
validationChecks : {@{description=Validate Edge Node Management IP to FQDN Resolution; severity=INFO; re
                   sultStatus=SUCCEEDED}, @{description=Validate Distinct Uplink Interfaces per Edge Nod
                   e; severity=INFO; resultStatus=SUCCEEDED}, @{description=Validate Tier-1 Gateway Name
                   Does Not Exist; severity=INFO; resultStatus=SUCCEEDED}, @{description=Validate the s
                   pecified NSX enabled VDS uplinks are prepared for Edge overlay; severity=INFO; result
                   Status=SUCCEEDED}…}
To see only resultStatus, check it as follows.
PS> $check.resultStatus
SUCCEEDED
The detailed checks can be viewed as follows.
PS> $check.validationChecks

description
-----------
Validate Edge Node Management IP to FQDN Resolution
Validate Distinct Uplink Interfaces per Edge Node
Validate Tier-1 Gateway Name Does Not Exist
Validate the specified NSX enabled VDS uplinks are prepared for Edge overlay
Check vSphere cluster has all hosts with a vCPU count and RAM size to accommodate the selected Edge for…
Validate new Edge node TEP address configuration
Validate IP Address Assigned to Same Subnet
Validate Edge Node Overlay (TEP) IPs are Unique
Validate Edge Cluster Name Does Not Exist
Validate Management Network is Reachable
Validate the specified VM management port group VLAN id(s) in input spec
Validate if specified VM management port group info(s) in input spec do not conflict with existing port…
Validate Edge Node Passwords Against NSX Password Policy
Check for unique IPs for Edge management IP, Edge TEP IPs, Tier-0 uplink interface IPs & BGP Peer IPs a…
Validate that TEP IPs, gateway, and management IP, gateway are in the same subnet
Validate Edge Cluster Name Does Not Exist in NSX Manager
Validate that the specified IP addresses in the input spec do not conflict with the Tier-0 transit subn…
Validate new NSX IP pools
Validate completeness of new NSX IP pools
Check that the custom Edge cluster profile does not conflict with an existing profile
Validate Edge Node FQDNs are Unique
Validate L2 Non-Uniform and L3 Cluster
Validate all vCenter clusters are either all stretched or none are stretched
Validate IP Address Conflicts
Validate Tier-0 Gateway Name Does Not Exist
Validate vSphere Cluster Belongs to the Workload Domain
Validate Uplink VLANs
Validate Capacity for Hosting vSphere Cluster
Validate Tier-0 specific fields
Validate Routing Between Host Overlay (TEP) and Edge Overlay (TEP)
Validate each Edge node's VLAN is consistent per vSphere cluster
Validate the specified VM management port group name(s) in input spec
Validate usability of specified NSX IP pools
Check for unique IPs for Edge management IP, Edge TEP IPs, Tier-0 uplink interface IPs
Creating the NSX Edge Cluster
Create the NSX Edge Cluster with New-VCFEdgeCluster. The task ID shown here is used afterwards to check the progress of the task.
PS> New-VCFEdgeCluster -json (Get-Content -Raw C:\work\json\vcf-m01_edge-cluster.json)
Task validation completed successfully. Invoking NSX Edge cluster deployment.

id                : d42fc469-15c8-495f-83fa-1e5c0024dd93
name              : Add a NSX edge cluster
status            : IN_PROGRESS
creationTimestamp : 2024/09/23 2:54:25
isCancellable     : False
isRetryable       : False
Task progress can be checked with Get-VCFTask.
PS> Get-VCFTask -id d42fc469-15c8-495f-83fa-1e5c0024dd93

id                  : d42fc469-15c8-495f-83fa-1e5c0024dd93
name                : Adding edge cluster vcf-m01-edge-cluster
type                : NSXT_EDGECLUSTER_CREATION
status              : Successful
creationTimestamp   : 2024/09/23 2:54:25
completionTimestamp : 2024/09/23 3:51:30
subTasks            : {@{name=Acquire Lock on SDDC Manager; description=Acquire Lock on SDDC Manager; st
                      atus=SUCCESSFUL; creationTimestamp=2024/09/23 2:54:26; completionTimestamp=2024/09
                      /23 2:54:27; errors=System.Object[]}, @{name=Automation Helper Action; description
                      =Automation Helper Action; status=SUCCESSFUL; creationTimestamp=2024/09/23 2:54:27
                      ; completionTimestamp=2024/09/23 2:54:27; errors=System.Object[]}, @{name=Fetch an
                      d Validate VMware Cloud Foundation vCenter Cluster IDs; description=Fetch and Vali
                      date VMware Cloud Foundation vCenter Cluster IDs; status=SUCCESSFUL; creationTimes
                      tamp=2024/09/23 2:54:27; completionTimestamp=2024/09/23 2:54:27; errors=System.Obj
                      ect[]}, @{name=Fetch Credentials from Inventory; description=Fetch Credentials fro
                      m Inventory; status=SUCCESSFUL; creationTimestamp=2024/09/23 2:54:27; completionTi
                      mestamp=2024/09/23 2:54:28; errors=System.Object[]}…}
errors              : {}
resolutionStatus    : UNRESOLVED
isCancellable       : False
isRetryable         : True
Subtask information can be viewed as follows.
PS> Get-VCFTask -id d42fc469-15c8-495f-83fa-1e5c0024dd93 | Select-Object -ExpandProperty subTasks | Select-Object status,creationTimestamp,completionTimestamp,name

status     creationTimestamp  completionTimestamp name
------     -----------------  ------------------- ----
SUCCESSFUL 2024/09/23 2:54:26 2024/09/23 2:54:27  Acquire Lock on SDDC Manager
SUCCESSFUL 2024/09/23 2:54:27 2024/09/23 2:54:27  Automation Helper Action
SUCCESSFUL 2024/09/23 2:54:27 2024/09/23 2:54:27  Fetch and Validate VMware Cloud Foundation vCenter Cluster IDs
SUCCESSFUL 2024/09/23 2:54:27 2024/09/23 2:54:28  Fetch Credentials from Inventory
SUCCESSFUL 2024/09/23 2:54:28 2024/09/23 2:54:28  Automation Helper Action
SUCCESSFUL 2024/09/23 2:54:28 2024/09/23 2:54:33  Perform set of validations for current workflow
SUCCESSFUL 2024/09/23 2:54:33 2024/09/23 2:54:38  Obtain SDDC Manager Inventory Data
SUCCESSFUL 2024/09/23 2:54:38 2024/09/23 2:54:39  Fetch NSX Overlay Transport Zone
SUCCESSFUL 2024/09/23 2:54:39 2024/09/23 2:54:41  Fetch NSX enabled VDS uplinks used for overlay
SUCCESSFUL 2024/09/23 2:54:41 2024/09/23 2:54:41  Ensure Edge Node NSX VDS Uplink Values are Present
SUCCESSFUL 2024/09/23 2:54:41 2024/09/23 2:56:28  Pre-Validation of NSX Edge Cluster Deployment
SUCCESSFUL 2024/09/23 2:56:28 2024/09/23 2:56:29  Generate Edge Cluster Input Data
SUCCESSFUL 2024/09/23 2:56:29 2024/09/23 2:56:29  Update SDDC Manager Inventory with NSX Edge Cluster
SUCCESSFUL 2024/09/23 2:56:29 2024/09/23 2:56:29  Fetch VLAN Port Group for VM Management traffic
SUCCESSFUL 2024/09/23 2:56:29 2024/09/23 2:56:30  Fetch portgroup managed object reference id
SUCCESSFUL 2024/09/23 2:56:30 2024/09/23 2:56:31  Create Resource Pool(s)
SUCCESSFUL 2024/09/23 2:56:31 2024/09/23 2:56:31  Generate Host Switch Profile Input Data
SUCCESSFUL 2024/09/23 2:56:31 2024/09/23 2:56:34  Create NSX Host Switch Uplink Profiles
SUCCESSFUL 2024/09/23 2:56:34 2024/09/23 2:56:38  Create NSX Transport Zone Teaming Policy
SUCCESSFUL 2024/09/23 2:56:38 2024/09/23 2:56:38  Generate VLAN Port Group Input Data
SUCCESSFUL 2024/09/23 2:56:38 2024/09/23 2:56:44  Create Trunked Port VLAN Port Group
SUCCESSFUL 2024/09/23 2:56:44 2024/09/23 2:56:44  Update SDDC Manager Inventory with VLAN Port Groups
SUCCESSFUL 2024/09/23 2:56:44 2024/09/23 2:56:44  Generate NSX Edge Cluster Input Data
SUCCESSFUL 2024/09/23 2:56:44 2024/09/23 3:37:38  Deploy and Configure Multiple NSX Edge Nodes
SUCCESSFUL 2024/09/23 3:37:38 2024/09/23 3:37:39  Update SDDC Manager Inventory with NSX Edge Node IDs
SUCCESSFUL 2024/09/23 3:37:39 2024/09/23 3:37:42  Create Anti-Affinity Rule for NSX Edge Nodes
SUCCESSFUL 2024/09/23 3:37:42 2024/09/23 3:37:44  Override VM HA Isolation Response For Clusters
SUCCESSFUL 2024/09/23 3:37:44 2024/09/23 3:37:47  Override HA VM Restart Priority For Clusters
SUCCESSFUL 2024/09/23 3:37:47 2024/09/23 3:37:52  Create NSX Edge Cluster
SUCCESSFUL 2024/09/23 3:37:52 2024/09/23 3:37:52  Update SDDC Manager Inventory with NSX Edge Cluster Source ID
SUCCESSFUL 2024/09/23 3:37:52 2024/09/23 3:37:54  Create NSX Edge Cluster Credentials
SUCCESSFUL 2024/09/23 3:37:54 2024/09/23 3:38:12  Create NSX Edge Cluster Uplink Segments
SUCCESSFUL 2024/09/23 3:38:12 2024/09/23 3:38:12  Generate NSX Tier-0 and Tier-1 Router Input Data
SUCCESSFUL 2024/09/23 3:38:12 2024/09/23 3:38:12  Automation Helper Action
SUCCESSFUL 2024/09/23 3:38:12 2024/09/23 3:43:21  Create NSX Tier-0 Router
SUCCESSFUL 2024/09/23 3:43:21 2024/09/23 3:43:26  Create NSX Tier-0 Locale Services
SUCCESSFUL 2024/09/23 3:43:26 2024/09/23 3:43:33  Create NSX Tier-0 Interface
SUCCESSFUL 2024/09/23 3:43:33 2024/09/23 3:43:38  Initialize NSX Tier-0 Routing Setting
SUCCESSFUL 2024/09/23 3:43:38 2024/09/23 3:48:47  Create and Configure NSX Tier-1 Gateway
SUCCESSFUL 2024/09/23 3:48:47 2024/09/23 3:48:48  Verify NSX Tier-0 to Tier-1 Connectivity
SUCCESSFUL 2024/09/23 3:48:49 2024/09/23 3:48:50  Validate NSX Edge Cluster Status
SUCCESSFUL 2024/09/23 3:48:50 2024/09/23 3:48:52  Retrieve Transport Zone IDs from NSX Manager
SUCCESSFUL 2024/09/23 3:48:52 2024/09/23 3:48:53  Add SSH Host Key Of Edge Node VMs To Known Hosts File Of SDDC Manager
SUCCESSFUL 2024/09/23 3:48:53 2024/09/23 3:51:19  Enable/Disable SSH on NSX Edge Nodes
SUCCESSFUL 2024/09/23 3:51:19 2024/09/23 3:51:29  Refresh VCF resource aggregator cache
SUCCESSFUL 2024/09/23 3:51:29 2024/09/23 3:51:29  Update SDDC Manager Inventory with NSX Edge Cluster Status
SUCCESSFUL 2024/09/23 3:51:29 2024/09/23 3:51:29  Update NSX edge cluster and transport zone ID association in inventory
SUCCESSFUL 2024/09/23 3:51:30 2024/09/23 3:51:30  Release Lock on SDDC Manager
SUCCESSFUL 2024/09/23 2:56:45 2024/09/23 3:18:30  Deploy NSX Edge Node VM
SUCCESSFUL 2024/09/23 3:18:31 2024/09/23 3:37:38  Deploy NSX Edge Node VM
SUCCESSFUL 2024/09/23 3:37:54 2024/09/23 3:38:02  Create NSX Vlan Tagged Segment
SUCCESSFUL 2024/09/23 3:38:03 2024/09/23 3:38:11  Create NSX Vlan Tagged Segment
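The validate, create and poll steps above combined into one script, as an added example that is not from the original post. It prompts for the password with Get-Credential instead of typing it on the command line; the 60-second poll interval, the "PENDING" status value and the shape of a failed validation result are assumptions.

```powershell
# Added example; the poll interval and the non-success status handling are assumptions.
$sddcFqdn = 'vcf-m01-sddc-01.c.go-lab.jp'
$specPath = 'C:\work\json\vcf-m01_edge-cluster.json'

# Prompt for the password so it does not end up in the command history or a script file.
$cred = Get-Credential -UserName 'administrator@vsphere.local' -Message 'SDDC Manager login'
Request-VCFToken -fqdn $sddcFqdn -username $cred.UserName -password $cred.GetNetworkCredential().Password

$spec = Get-Content -Raw $specPath

# 1. Validate only; stop before deployment unless every check passed.
$check = New-VCFEdgeCluster -json $spec -validate
if ($check.resultStatus -ne 'SUCCEEDED') {
    $check.validationChecks |
        Where-Object { $_.resultStatus -ne 'SUCCEEDED' } |
        Format-List description, severity, resultStatus |
        Out-Host
    throw "Edge cluster spec validation ended with resultStatus '$($check.resultStatus)'."
}

# 2. Start the deployment and keep the task ID.
$task = New-VCFEdgeCluster -json $spec
Write-Host "Started task $($task.id)"

# 3. Poll until the task leaves the in-progress state.
#    Status strings are normalised because the page shows both "IN_PROGRESS" and "Successful".
do {
    Start-Sleep -Seconds 60
    $task  = Get-VCFTask -id $task.id
    $state = ($task.status -replace '[^A-Za-z]', '').ToUpper()
    $done  = @($task.subTasks | Where-Object { $_.status -eq 'SUCCESSFUL' }).Count
    Write-Host "$(Get-Date -Format s) $($task.status): $done of $(@($task.subTasks).Count) subtasks finished"
} while ($state -in 'INPROGRESS', 'PENDING')

# 4. Anything other than "Successful" is treated as a failure; show the subtasks that did not succeed.
if ($state -ne 'SUCCESSFUL') {
    $task.subTasks |
        Where-Object { $_.status -ne 'SUCCESSFUL' } |
        Select-Object status, name, errors |
        Format-List |
        Out-Host
    throw "Task $($task.id) ended with status '$($task.status)'."
}
```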
The created NSX Edge Cluster
The NSX Edge Cluster can be checked with Get-VCFEdgeCluster.
PS> Get-VCFEdgeCluster

id                      : fc758fcd-2c33-476c-bfc8-57d6f63d1efb
name                    : vcf-m01-edge-cluster
clusters                : {@{id=7259aead-a34a-4ba4-bd80-dc0cdff385c7}}
status                  : ACTIVE
nsxtCluster             : @{id=0933cd36-84dd-4f5f-beed-cc8004296a7f; vipFqdn=vcf-m01-nsx.c.go-lab.jp; vip=192.168.70.12}
edgeNodes               : {@{id=5c82add9-bf66-4744-9c77-eb04fc35d500; hostName=vcf-m01-edge-01.c.go-lab.jp}, @{id=0944df1f-e57a-4ee9-b018-cb4dac35740b; hostName=vcf-m01-edge-02.c.go-lab.jp}}
isTier0ManagedBySystem  : True
skipTepRoutabilityCheck : False
SDDC Manager also shows that the Edge Cluster has been created.
The "Edge Clusters" tab of the Management Domain (vcf-m01) lists the NSX Edge Cluster and its nodes.
That was a walkthrough of deploying an NSX Edge Cluster with PowerVCF.